Vulnerabilities > Opensuse > Leap > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-18 | CVE-2019-15142 | Out-of-bounds Read vulnerability in multiple products In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file. | 5.5 |
| 2019-08-18 | CVE-2019-15141 | Out-of-bounds Read vulnerability in multiple products WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. | 6.5 |
| 2019-08-16 | CVE-2019-15118 | Uncontrolled Recursion vulnerability in multiple products check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. | 5.5 |
| 2019-08-16 | CVE-2019-15098 | NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | 4.6 |
| 2019-08-16 | CVE-2019-15090 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. | 6.7 |
| 2019-08-14 | CVE-2019-14973 | Integer Overflow or Wraparound vulnerability in multiple products _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. | 6.5 |
| 2019-08-13 | CVE-2019-9516 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. | 6.5 |
| 2019-08-12 | CVE-2019-14981 | Divide By Zero vulnerability in multiple products In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. | 6.5 |
| 2019-08-12 | CVE-2019-14980 | Use After Free vulnerability in multiple products In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. | 6.5 |
| 2019-07-30 | CVE-2019-10163 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. | 4.3 |